Analysis

  • max time kernel
    150s
  • max time network
    113s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10-06-2024 23:52

General

  • Target

    7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41.exe

  • Size

    51KB

  • MD5

    880bb22be5ca5146b402ffecf07df8b7

  • SHA1

    727cf903f584aea9fe59be8b60a7a00367251011

  • SHA256

    7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41

  • SHA512

    8c99fdd0626e3e79c580602ae3dc223822ab2d84de9fc885a5b0680b91cc9a7fe34a3431fc5da2e0c3a8c29244cb3742c5b8b2cefa77633c3d891e6150a4f356

  • SSDEEP

    768:W7BlpppARFbhWJQi3I1krJwYSoVaEI1krJwYSoVaX:W7ZppApHiYRoVa3RoVaX

Score
9/10

Malware Config

Signatures

  • Renames multiple (5122) files with added filename extension

    This suggests ransomware activity, i.e. encryption of the files on the system.

  • Drops file in Program Files directory (64 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41.exe
    "C:\Users\Admin\AppData\Local\Temp\7d2fe351521a1294e754a1732e24b7038266c741f5f9c433462c5c5d0271ec41.exe"
    • Drops file in Program Files directory
    PID:3484

Network

MITRE ATT&CK Matrix

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3906287020-2915474608-1755617787-1000\desktop.ini.tmp

    Filesize

    51KB

    MD5

    931543d14badfa279f667bd13596d4f3

    SHA1

    5385bf0bd00f86db8ba1edf9c41b78316c162e2a

    SHA256

    b0f77e3c999864f92c11134df9c235fa3f4655a8ff703ff38bf97e078bc7f527

    SHA512

    8953113e0023f2a9fb05069eb35f7d976720348268ae76b461e54d63eadf614a8301de45fbe8bacdac96268729ef88bc3bdf17a5ece477a710fbd56e7b21dcef

  • C:\Program Files\7-Zip\7-zip.dll.tmp

    Filesize

    150KB

    MD5

    b7d8223c3a3c19f00579617343e4764c

    SHA1

    a54f68af4cd2396867849d19fea3259a0d27afdd

    SHA256

    e3ed55e3d86b89c962223cde38a21fd57fe08d3327a7ca06f01a794eab82b11e

    SHA512

    ae345f1b0757da8afffa712f1e9cfd01bbd1413a9586dc4b29b9285ad95d3d7bc329805605686d2a54d100ea1ba8277a3256513d7cf714ecc113c3efe56bde49